package io.micronaut.security.handlers;

import io.micronaut.context.annotation.Replaces;
import io.micronaut.context.annotation.Requirements;
import io.micronaut.context.annotation.Requires;
import io.micronaut.context.annotation.Secondary;
import io.micronaut.http.HttpRequest;
import io.micronaut.http.HttpResponse;
import io.micronaut.http.HttpResponseFactory;
import io.micronaut.http.HttpStatus;
import io.micronaut.http.MediaType;
import io.micronaut.http.MutableHttpResponse;
import io.reactivex.BackpressureStrategy;
import io.reactivex.Flowable;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Optional;
import javax.inject.Singleton;
import org.reactivestreams.Publisher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Secondary
@Requirements({@Requires(beans = {UnauthorizedRejectionUriProvider.class, ForbiddenRejectionUriProvider.class, RedirectRejectionHandlerConfiguration.class}), @Requires(property = "micronaut.security.redirect.enabled", notEquals = "false")})
@Singleton
@Replaces(HttpStatusCodeRejectionHandler.class)
/* loaded from: input_file:io/micronaut/security/handlers/RedirectRejectionHandler.class */
public class RedirectRejectionHandler implements RejectionHandler {
    private static final Logger LOG = LoggerFactory.getLogger(RedirectRejectionHandler.class);
    private final UnauthorizedRejectionUriProvider unauthorizedRejectionUriProvider;
    private final ForbiddenRejectionUriProvider forbiddenRejectionUriProvider;
    private final RedirectRejectionHandlerConfiguration redirectRejectionHandlerConfiguration;

    public RedirectRejectionHandler(UnauthorizedRejectionUriProvider unauthorizedRejectionUriProvider, ForbiddenRejectionUriProvider forbiddenRejectionUriProvider, RedirectRejectionHandlerConfiguration redirectRejectionHandlerConfiguration) {
        this.unauthorizedRejectionUriProvider = unauthorizedRejectionUriProvider;
        this.forbiddenRejectionUriProvider = forbiddenRejectionUriProvider;
        this.redirectRejectionHandlerConfiguration = redirectRejectionHandlerConfiguration;
    }

    @Override // io.micronaut.security.handlers.RejectionHandler
    public Publisher<MutableHttpResponse<?>> reject(HttpRequest<?> httpRequest, boolean z) {
        return Flowable.create(flowableEmitter -> {
            if (shouldHandleRequest(httpRequest)) {
                try {
                    URI uri = new URI(getRedirectUri(httpRequest, z).orElse("/"));
                    if (httpRequest.getUri().equals(uri)) {
                        flowableEmitter.onNext(HttpResponse.status(z ? HttpStatus.FORBIDDEN : HttpStatus.UNAUTHORIZED));
                    } else {
                        flowableEmitter.onNext(httpResponseWithUri(uri));
                    }
                } catch (URISyntaxException e) {
                    flowableEmitter.onError(e);
                }
            } else {
                flowableEmitter.onNext(HttpResponse.status(z ? HttpStatus.FORBIDDEN : HttpStatus.UNAUTHORIZED));
            }
            flowableEmitter.onComplete();
        }, BackpressureStrategy.ERROR);
    }

    protected boolean shouldHandleRequest(HttpRequest<?> httpRequest) {
        return httpRequest.getHeaders().accept().stream().anyMatch(mediaType -> {
            return mediaType.equals(MediaType.TEXT_HTML_TYPE);
        });
    }

    @Deprecated
    protected MutableHttpResponse<?> httpResponseWithUri(String str) throws URISyntaxException {
        return httpResponseWithUri(new URI(str));
    }

    protected MutableHttpResponse<?> httpResponseWithUri(URI uri) {
        return HttpResponseFactory.INSTANCE.status(redirectionHttpStatus()).headers(mutableHttpHeaders -> {
            mutableHttpHeaders.location(uri);
        });
    }

    protected HttpStatus redirectionHttpStatus() {
        return this.redirectRejectionHandlerConfiguration.getHttpStatus();
    }

    protected Optional<String> getRedirectUri(HttpRequest<?> httpRequest, boolean z) {
        Optional<String> forbiddenRedirectUri = z ? this.forbiddenRejectionUriProvider.getForbiddenRedirectUri(httpRequest) : this.unauthorizedRejectionUriProvider.getUnauthorizedRedirectUri(httpRequest);
        if (LOG.isDebugEnabled()) {
            LOG.debug("redirect uri: {}", forbiddenRedirectUri);
        }
        return forbiddenRedirectUri;
    }
}
